Beware of botnets and image spam. New threats exist to your office email systems so there's no time like the present to invest in protection.
The morning after the premiere of the sixth season of Fox's 24, millions of emails starting appearing in in-boxes everywhere with a quote from the show's hero, Jack Bauer. The quote wasn't meant to be inspirational. It was designed to fool email recipients who think the message may have come from someone they know.
That was just the latest weapon in the ongoing war between spammers and the companies that offer anti-spam software and hardware products.
For much of 2006, the spammers appeared to be winning. The year included two major spam innovations -- image spam and botnets, the latter of which are software robots that run autonomously. Those new threats managed to double the amount of spam, according to IronPort Systems, an email security provider from San Bruno, Calif.
Hidden dangers in spam
Usually spam, which accounts for about 90 percent of all email, is just a nuisance, but it can become harmful when employees opt to download software in a malevolent email message. Since most people are aware of spam and the risks involved, you might think that most employees would know better. "You would think," says Natalie Lambert, of Forrester Research, the Cambridge, Mass. research firm. "But it's not the case." That's especially true when spammers keep coming up with new tricks.
So, businesses in general have little choice but to try to limit spam as much as they possibly can. Since small businesses usually lack a deep roster of IT pros, a good option is to outsource the spam-fighting to someone else.
There are two main options to do this: email appliances and hosted email services.
Email appliances are hardware devices that have one function: screen spam, viruses and worms from infecting computers in the system. "You literally plug the thing in and a blinky light starts to flash and the spam goes away," says Tom Gillis, senior vice president of marketing for IronPort, which is in the process of being acquired by Cisco Systems. IronPort's systems start at $2,000, which includes a three-year service contract. That appliance can serve up to 50 users.
Fooling the spam filters
For that money, you get full-time spam cops. Like antivirus firms, email security companies like IronPort are constantly trying to outwit the bad guys. Take image spam: Spam filters have traditionally worked by looking for spam buzzwords. But when you send an email message as a JPEG rather than as a text file, such filters are useless.
IronPort quickly realized this and came up with an antidote. Another way spammers elude filters is by colonizing other PCs with botnets, which fooled spam filters that were looking for known spam IP addresses. Gillis said IronPort is tackling botnets with "reputation analysis," a tool that better traces where the email originates.
Another anti-spam option is a hosted service that does what IronPort does only without the hardware. Such services are usually charged at a monthly rate. Apptix, for instance, charges $9.95 a month per user to manage e-mail or $11.95 if the customer wants advanced filtering. Semir Gulati, vice president of marketing at Apptix, Herndon, Va., said the system catches 95 percent of the spam "and you don't even know it."
Robert Maynard, chief operating officer of LifeLock, a Tempe, Ariz. identity theft prevention agency, says he is "ecstatic" with Apptix's hosted service, even though it costs him $1,400 to $1,500 a month to get the company to run email accounts for 46 employees. "People write the numbers down and say 'I could just buy a license," says Maynard, "but there are so many costs in running a mission-critical system like email that it just makes all the sense in the world to pay these guys."